It's time to regulate consumer privacy

Some of the biggest names in the tech world joined forces Monday to tell Uncle Sam that enough's enough: Quit spying on their customers.

AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter and Yahoo said in an open letter to President Obama that in light of recent revelations about the National Security Agency snooping on websites and communications networks, there's an "urgent need to reform government surveillance practices worldwide."

That's a pretty bold claim to the moral high ground considering that each of these companies routinely mines customer data for their own purposes (read: profit).

And then there's AT&T, which made clear in a letter to the Securities and Exchange Commission last week that it will keep complying with government requests for customer records "to the extent required by law."

Moreover, the telecom giant said the company shouldn't have to come clean with shareholders about helping the feds peek into people's lives. This stuff is top secret, AT&T said, so it has no obligation to address the issue at its annual shareholder meeting this spring.

The company's letter was a response to calls from the ACLU of Northern California and other groups for phone companies to be more upfront about their dealings with the NSA.

The private sector always has had a troubled relationship with consumer privacy. On the one hand, companies insist that they take such issues very seriously and do their utmost to be responsible stewards of customers' personal data.

On the other, they're not stupid. In-depth data about where we shop, what we buy, whom we communicate with and how we behave is a marketing treasure trove.

Businesses benefit both from exploiting this information for their own purposes and selling it to others.

Consumer data is arguably the single most valuable commodity in the corporate world. This is why it needs to be safeguarded and regulated like any other financial commodity. More on that in a moment.

Many people probably would agree with the Silicon Valley heavyweights that the feds have gone too far in bending information technology to their own ends.

We learned Monday that the NSA even has been spying on "World of Warcraft" gamers, who romp about online in the guise of elves, trolls and other fantasy folk. The suspicion was that terrorists might be communicating with one another via such role-playing games.

In their open letter, the tech bigwigs called for a limit on government agencies vacuuming up huge amounts of computer and phone users' information. They're also seeking tighter legal restrictions on granting the government such powers.

"We understand that governments have a duty to protect their citizens," the companies said. "But this summer's revelations highlighted the urgent need to reform government surveillance practices worldwide.

"The balance in many countries has tipped too far in favor of the state and away from the rights of the individual — rights that are enshrined in our Constitution. This undermines the freedoms we all cherish."

No argument. But it's more than a little laughable that the likes of Facebook and Google are positioning themselves as guardians of people's privacy.

Google, after all, said earlier this year that "just as a sender of a letter to a business colleague cannot be surprised that the recipient's assistant opens the letter, people who use Web-based email today cannot be surprised if their emails are processed by the recipient's [email provider] in the course of delivery."

In other words, the company feels free to read your email and do as it pleases with whatever it finds there.

And Facebook, well, I could spend the rest of this column listing its various privacy trespasses. The company unveiled yet another iteration of its privacy policy last month, making clear that Facebook has the right to use people's personal info for commercial purposes.

It's understandable that businesses would want to leverage all assets for financial gain, just as it requires little awareness of spycraft to understand why governments would want to prowl surreptitiously around communications networks.

So if we can agree that consumer data is extremely valuable to both the public and private sectors, then surely we can agree that more stringent and sustained efforts are needed to oversee how such information is being used.

Some states, such as California, have enacted relatively strong privacy laws. Others are content to allow data crunchers to operate largely in the shadows.

We don't tolerate such ambiguity in financial markets. Various federal agencies monitor trading in everything from oil and corn to stocks and bonds.

Why should consumer data be any different?

There's no need to create a new entity to oversee national privacy issues. The Consumer Financial Protection Bureau already is well-positioned to expand its current responsibilities to include oversight of how people's personal information is used.

Lawmakers, meanwhile, need to establish clear national guidelines for privacy. This isn't as farfetched as it may seem. The European Union already has enacted wide-ranging privacy rules.

If our own lawmakers lack the wherewithal or imagination to come up with their own regulations, we could always start with some of the common-sense guidelines in place across the Atlantic for collection, use, disclosure and storage of people's personal info.

In "Dr. Strangelove," Gen. Jack D. Ripper paraphrased French statesman Georges Clemenceau by saying that "war was too important to be left to the generals."

Privacy is too important to be left to businesses and spy agencies. We need someone watching the watchers.

David Lazarus' column runs Tuesdays and Fridays. He also can be seen daily on KTLA-TV Channel 5 and followed on Twitter @Davidlaz. Send your tips or feedback to david.lazarus@latimes.com.